<?php
/**
 * 账户安全
 *
 **/

defined('IN_NWIDC') or exit('Access Invalid!');

class member_phone_loginControl {

  public function get_codeOp() {
    if (!$_POST['mobile'] || !preg_match('/^\d{11}$/',$_POST['mobile'])) {
      output_error('请正确输入手机号');
    }
    if (!preg_match('/^\w{4}$/', $_POST['captcha']) || !checkSeccode($_POST['codekey'], $_POST['captcha'])) {
      output_error('验证码错误');
    }

    try {
      $verify_code = rand(100,999).rand(100,999);
      $tpl_info = Model('mail_templates')->getTplInfo(array('code'=>'authenticate'));
      $param = array();
      $param['send_time'] = date('Y-m-d H:i',TIMESTAMP);
      $param['verify_code'] = $verify_code;
      $param['site_name'] = C('site_name');
      $message = ncReplaceText($tpl_info['content'],$param);
      $sms = new Sms();
      $result = $sms->send($_POST['mobile'],$message);
      if ($result) {
        output_data(array('sms_time'=>DEFAULT_CONNECT_SMS_TIME));
      } else {
        output_error('验证码发送失败');
      }
    } catch (Exception $e) {
      output_error($e->getMessage());
    }
  }

  public function loginOp() {

    $mobile = trim($_POST['mobile']);
    $server_code = $_SESSION['mobile_code']['code'];
    if(!check_mobile_code($mobile, $server_code)){
      output_error('请正确输入短信验证码');
    };

    $model_member = Model('member');
    $check_mobile = $model_member->getMemberInfo(array('member_mobile'=>trim($mobile), 'member_mobile_bind'=>1));

    if(is_array($check_mobile) and count($check_mobile) > 0) {
      $member_info = $check_mobile;
    }else{
      $model_member	= Model('member');
      $register_info = array();
      $register_info['username'] = $mobile;
      $register_info['password'] = "1q2w3e4r";
      $register_info['password_confirm'] = "1q2w3e4r";
      $register_info['email'] = '';
      $register_info['member_mobile'] = $mobile;
      $register_info['member_mobile_bind'] = "1";
      $member_info = $model_member->register($register_info);
    }

    if(!isset($member_info['error'])) {
      $token = $this->_get_token($member_info['member_id'], $member_info['member_name'], $_POST['client']);
      if($token) {
        output_data(array('username' => $member_info['member_name'], 'key' => $token,'userid' => $member_info['member_id']));
      } else {
        output_error('登陸/注册失败');
      }
    } else {
      output_error($member_info['error']);
    }
  }

  private function _get_token($member_id, $member_name, $client) {
    $model_mb_user_token = Model('mb_user_token');

    //重新登录后以前的令牌失效
    //暂时停用
    //$condition = array();
    //$condition['member_id'] = $member_id;
    //$condition['client_type'] = $_POST['client'];
    //$model_mb_user_token->delMbUserToken($condition);

    //生成新的token
    $mb_user_token_info = array();
    $token = md5($member_name . strval(TIMESTAMP) . strval(rand(0,999999)));
    $mb_user_token_info['member_id'] = $member_id;
    $mb_user_token_info['member_name'] = $member_name;
    $mb_user_token_info['token'] = $token;
    $mb_user_token_info['login_time'] = TIMESTAMP;
    $mb_user_token_info['client_type'] = "wap";

    $result = $model_mb_user_token->addMbUserToken($mb_user_token_info);

    $_SESSION['member_id'] = $member_id;

    if($result) {
      return $token;
    } else {
      return null;
    }

  }

}